当前位置: 首页>>代码示例>>Python>>正文


Python RelationshipTypes.inverse方法代码示例

本文整理汇总了Python中crits.vocabulary.relationships.RelationshipTypes.inverse方法的典型用法代码示例。如果您正苦于以下问题:Python RelationshipTypes.inverse方法的具体用法?Python RelationshipTypes.inverse怎么用?Python RelationshipTypes.inverse使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在crits.vocabulary.relationships.RelationshipTypes的用法示例。


在下文中一共展示了RelationshipTypes.inverse方法的13个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: handle_raw_data_file

# 需要导入模块: from crits.vocabulary.relationships import RelationshipTypes [as 别名]
# 或者: from crits.vocabulary.relationships.RelationshipTypes import inverse [as 别名]

#.........这里部分代码省略.........
    is_rawdata_new = False
    raw_data = RawData.objects(md5=md5).first()
    if not raw_data:
        raw_data = RawData()
        raw_data.created = timestamp
        raw_data.description = description
        raw_data.md5 = md5
        # raw_data.source = [source_name]
        raw_data.data = data
        raw_data.title = title
        raw_data.data_type = data_type
        raw_data.add_tool(name=tool_name,
                          version=tool_version,
                          details=tool_details)
        is_rawdata_new = True

    # generate new source information and add to sample
    if isinstance(source_name, basestring) and len(source_name) > 0:
        if user.check_source_write(source_name):
            source = create_embedded_source(source_name,
                                       method=method,
                                       reference=reference,
                                       tlp=tlp,
                                       analyst=user.username)
            raw_data.add_source(source)

        else:
            return {"success":False,
                    "message": "User does not have permission to add object using source %s." % source_name}
        # this will handle adding a new source, or an instance automatically

    elif isinstance(source_name, EmbeddedSource):
        raw_data.add_source(source_name, method=method, reference=reference, tlp=tlp, analyst=user.usrname)
    elif isinstance(source_name, list) and len(source_name) > 0:
        for s in source_name:
            if isinstance(s, EmbeddedSource):
                raw_data.add_source(s, method=method, reference=reference, tlp=tlp, analyst=user.username)

    #XXX: need to validate this is a UUID
    if link_id:
        raw_data.link_id = link_id
        if copy_rels:
            rd2 = RawData.objects(link_id=link_id).first()
            if rd2:
                if len(rd2.relationships):
                    raw_data.save(username=user)
                    raw_data.reload()
                    for rel in rd2.relationships:
                        # Get object to relate to.
                        rel_item = class_from_id(rel.rel_type, rel.object_id)
                        if rel_item:
                            raw_data.add_relationship(rel_item,
                                                      rel.relationship,
                                                      rel_date=rel.relationship_date,
                                                      analyst=user.username)


    raw_data.version = len(RawData.objects(link_id=link_id)) + 1

    if bucket_list:
        raw_data.add_bucket_list(bucket_list, user)

    if ticket:
        raw_data.add_ticket(ticket, user);

    related_obj = None
    if related_id and related_type:
        related_obj = class_from_id(related_type, related_id)
        if not related_obj:
            retVal['success'] = False
            retVal['message'] = 'Related Object not found.'
            return retVal

    raw_data.save(username=user.username)

    if related_obj and relationship_type and raw_data:
        relationship_type=RelationshipTypes.inverse(relationship=relationship_type)
        raw_data.add_relationship(related_obj,
                              relationship_type,
                              analyst=user.username,
                              get_rels=False)
        raw_data.save(username=user.username)
        raw_data.reload()

    # save raw_data
    raw_data.save(username=user.username)

    # run raw_data triage
    if is_rawdata_new:
        raw_data.reload()
        run_triage(raw_data, user)

    status = {
        'success':      True,
        'message':      'Uploaded raw_data',
        '_id':          raw_data.id,
        'object':       raw_data
    }

    return status
开发者ID:armtash,项目名称:crits,代码行数:104,代码来源:handlers.py

示例2: ip_add_update

# 需要导入模块: from crits.vocabulary.relationships import RelationshipTypes [as 别名]
# 或者: from crits.vocabulary.relationships.RelationshipTypes import inverse [as 别名]

#.........这里部分代码省略.........

    if isinstance(source_name, basestring):
        if user.check_source_write(source):
            source = [create_embedded_source(source,
                                             reference=source_reference,
                                             method=source_method,
                                             tlp=source_tlp,
                                             analyst=user.username)]
        else:
            return {"success":False,
                    "message": "User does not have permission to add object \
                                using source %s." % source}

    if isinstance(campaign, basestring):
        c = EmbeddedCampaign(name=campaign, confidence=confidence, analyst=user.username)
        campaign = [c]

    if campaign:
        for camp in campaign:
            ip_object.add_campaign(camp)

    if source:
        for s in source:
            ip_object.add_source(s)
    else:
        return {"success" : False, "message" : "Missing source information."}

    if bucket_list:
        ip_object.add_bucket_list(bucket_list, user.username)

    if ticket:
        ip_object.add_ticket(ticket, user.username)

    related_obj = None
    if related_id:
        related_obj = class_from_id(related_type, related_id)
        if not related_obj:
            retVal['success'] = False
            retVal['message'] = 'Related Object not found.'
            return retVal

    resp_url = reverse('crits.ips.views.ip_detail', args=[ip_object.ip])


    if is_validate_only == False:
        ip_object.save(username=user.username)

        #set the URL for viewing the new data
        if is_item_new == True:
            retVal['message'] = ('Success! Click here to view the new IP: '
                                 '<a href="%s">%s</a>' % (resp_url, ip_object.ip))
        else:
            message = ('Updated existing IP: '
                                 '<a href="%s">%s</a>' % (resp_url, ip_object.ip))
            retVal['message'] = message
            retVal['status'] = form_consts.Status.DUPLICATE
            retVal['warning'] = message

    elif is_validate_only == True:
        if ip_object.id != None and is_item_new == False:
            message = ('Warning: IP already exists: '
                                 '<a href="%s">%s</a>' % (resp_url, ip_object.ip))
            retVal['message'] = message
            retVal['status'] = form_consts.Status.DUPLICATE
            retVal['warning'] = message

    if is_add_indicator:
        from crits.indicators.handlers import handle_indicator_ind
        result = handle_indicator_ind(ip_address,
                             source_name,
                             ip_type,
                             IndicatorThreatTypes.UNKNOWN,
                             IndicatorAttackTypes.UNKNOWN,
                             user,
                             source_method=source_method,
                             source_reference = indicator_reference,
                             source_tlp = source_tlp,
                             add_domain=False,
                             add_relationship=True,
                             bucket_list=bucket_list,
                             ticket=ticket,
                             cache=cache)

    if related_obj and ip_object and relationship_type:
        relationship_type=RelationshipTypes.inverse(relationship=relationship_type)
        ip_object.add_relationship(related_obj,
                              relationship_type,
                              analyst=user.username,
                              get_rels=False)
        ip_object.save(username=user.username)

    # run ip triage
    if is_item_new and is_validate_only == False:
        ip_object.reload()
        run_triage(ip_object, user)

    retVal['success'] = True
    retVal['object'] = ip_object

    return retVal
开发者ID:brlogan,项目名称:crits,代码行数:104,代码来源:handlers.py

示例3: handle_pcap_file

# 需要导入模块: from crits.vocabulary.relationships import RelationshipTypes [as 别名]
# 或者: from crits.vocabulary.relationships.RelationshipTypes import inverse [as 别名]

#.........这里部分代码省略.........
        return status
    if ((related_id or related_md5) and not related_type):
        status = {
            'success':   False,
            'message':  'Must specify both related_type and related_id or related_md5.'
        }
        return status

    if not source_name:
        return {"success" : False, "message" : "Missing source information."}

    related_obj = None
    if related_id or related_md5:
        if related_id:
            related_obj = class_from_id(related_type, related_id)
        else:
            related_obj = class_from_value(related_type, related_md5)
        if not related_obj:
            status = {
                'success': False,
                'message': 'Related object not found.'
            }
            return status


    # generate md5 and timestamp
    md5 = hashlib.md5(data).hexdigest()
    timestamp = datetime.datetime.now()

    # generate PCAP
    is_pcap_new = False
    pcap = PCAP.objects(md5=md5).first()
    if not pcap:
        pcap = PCAP()
        pcap.filename = filename
        pcap.created = timestamp
        pcap.length = len(data)
        pcap.description = description
        pcap.md5 = md5
        is_pcap_new = True

    # generate source information and add to pcap
    if isinstance(source_name, basestring) and len(source_name) > 0:
        if user.check_source_write(source_name):
            s = create_embedded_source(source_name,
                                       method=method,
                                       reference=reference,
                                       tlp=tlp,
                                       analyst=user.username)
        else:
            return {"success":False,
                    "message": "User does not have permission to add object \
                                using source %s." % source_name}
        pcap.add_source(s)
    elif isinstance(source_name, EmbeddedSource):
        pcap.add_source(source_name, method=method, reference=reference)
    elif isinstance(source_name, list) and len(source_name) > 0:
        for s in source_name:
            if isinstance(s, EmbeddedSource):
                pcap.add_source(s, method=method, reference=reference)

    # add file to GridFS
    if not isinstance(pcap.filedata.grid_id, ObjectId):
        pcap.add_file_data(data)

    if bucket_list:
        pcap.add_bucket_list(bucket_list, user)

    if ticket:
        pcap.add_ticket(ticket, user)

    # save pcap
    pcap.save(username=user)

    # update relationship if a related top-level object is supplied
    if related_obj and pcap:
        if relationship:
            relationship=RelationshipTypes.inverse(relationship=relationship)
        else:
            relationship = RelationshipTypes.RELATED_TO
        pcap.add_relationship(related_obj,
                              relationship,
                              analyst=user,
                              get_rels=False)
        pcap.save(username=user)

    # run pcap triage
    if is_pcap_new and data:
        pcap.reload()
        run_triage(pcap, user)

    status = {
        'success':      True,
        'message':      'Uploaded pcap',
        'md5':          md5,
        'id':           str(pcap.id),
        'object':       pcap
    }

    return status
开发者ID:armtash,项目名称:crits,代码行数:104,代码来源:handlers.py

示例4: upsert_target

# 需要导入模块: from crits.vocabulary.relationships import RelationshipTypes [as 别名]
# 或者: from crits.vocabulary.relationships.RelationshipTypes import inverse [as 别名]
def upsert_target(data, analyst):
    """
    Add/update target information.

    :param data: The target information.
    :type data: dict
    :param analyst: The user adding the target.
    :type analyst: str
    :returns: dict with keys "success" (boolean) and "message" (str)
    """

    if 'email_address' not in data:
        return {'success': False,
                'message': "No email address to look up"}

    # check for exact match first
    target = Target.objects(email_address=data['email_address']).first()

    if not target: # if no exact match, look for case-insensitive match
        target = Target.objects(email_address__iexact=data['email_address']).first()
    is_new = False
    if not target:
        is_new = True
        target = Target()
        target.email_address = data['email_address'].strip().lower()

    bucket_list = False
    ticket = False
    if 'department' in data:
        target.department = data['department']
    if 'division' in data:
        target.division = data['division']
    if 'organization_id' in data:
        target.organization_id = data['organization_id']
    if 'firstname' in data:
        target.firstname = data['firstname']
    if 'lastname' in data:
        target.lastname = data['lastname']
    if 'note' in data:
        target.note = data['note']
    if 'title' in data:
        target.title = data['title']
    if 'campaign' in data and 'camp_conf' in data:
        target.add_campaign(EmbeddedCampaign(name=data['campaign'],
                                             confidence=data['camp_conf'],
                                             analyst=analyst))
    if 'bucket_list' in data:
        bucket_list = data.get(form_consts.Common.BUCKET_LIST_VARIABLE_NAME)
    if 'ticket' in data:
        ticket = data.get(form_consts.Common.TICKET_VARIABLE_NAME)
    if 'related_id' in data:
        related_id = data['related_id']
    if 'related_type' in data:
        related_type = data['related_type']
    if 'relationship_type' in data:
        relationship_type = data['relationship_type']


    if bucket_list:
        target.add_bucket_list(bucket_list, analyst)

    if ticket:
        target.add_ticket(ticket, analyst)

    related_obj = None
    if related_id:
        related_obj = class_from_id(related_type, related_id)
        if not related_obj:
            retVal['success'] = False
            retVal['message'] = 'Related Object not found.'
            return retVal

    try:
        target.save(username=analyst)

        if related_obj and target:
            relationship_type=RelationshipTypes.inverse(relationship=relationship_type)
            target.add_relationship(related_obj,
                                  relationship_type,
                                  analyst=analyst,
                                  get_rels=False)
            target.save(username=analyst)

        target.reload()

        if is_new:
            run_triage(target, analyst)
        return {'success': True,
                'message': "Target saved successfully",
                'id': str(target.id)}
    except ValidationError, e:
        return {'success': False,
                'message': "Target save failed: %s" % e}
开发者ID:ckane,项目名称:crits,代码行数:95,代码来源:handlers.py

示例5: and

# 需要导入模块: from crits.vocabulary.relationships import RelationshipTypes [as 别名]
# 或者: from crits.vocabulary.relationships.RelationshipTypes import inverse [as 别名]
            fqdn_domain.save(username=username)
    except Exception, e:
        return {'success': False, 'message': e}

    #Add relationships between fqdn, root
    if fqdn_domain and root_domain:
        root_domain.add_relationship(fqdn_domain,
                                     RelationshipTypes.SUPRA_DOMAIN_OF,
                                     analyst=username,
                                     get_rels=False)
        root_domain.save(username=username)
        fqdn_domain.save(username=username)

    #Add relationships from object domain is being added from
    if related_obj and relationship_type:
        relationship_type=RelationshipTypes.inverse(relationship=relationship_type)
        if fqdn_domain and (related_obj != fqdn_domain):
            fqdn_domain.add_relationship(related_obj,
                                         relationship_type,
                                         analyst=username,
                                         get_rels=False)
            fqdn_domain.save(username=username)
        if root_domain and (related_obj != root_domain):
            root_domain.add_relationship(related_obj,
                                         relationship_type,
                                         analyst=username,
                                         get_rels=False)
            root_domain.save(username=username)
    
    # run domain triage
    if is_fqdn_domain_new:
开发者ID:971sec,项目名称:crits,代码行数:33,代码来源:handlers.py

示例6: add_new_event

# 需要导入模块: from crits.vocabulary.relationships import RelationshipTypes [as 别名]
# 或者: from crits.vocabulary.relationships.RelationshipTypes import inverse [as 别名]

#.........这里部分代码省略.........
    :type: str
    :param ticket: Ticket to associate with this event.
    :type ticket: str
    :param related_id: ID of object to create relationship with
    :type related_id: str
    :param related_type: Type of object to create relationship with
    :type related_type: str
    :param relationship_type: Type of relationship to create.
    :type relationship_type: str
    :returns: dict with keys "success" (boolean) and "message" (str)
    :param campaign: Campaign to associate with this Event
    :type campaign: str
    :param campaign_confidence: Confidence to associate with the Campaign
    :type campaign_confidence: str
    """

    if not source_name:
        return {'success': False, 'message': "Missing source information."}

    result = dict()
    event = Event()
    event.title = title
    event.description = description
    event.set_event_type(event_type)

    if user.check_source_write(source_name):
        s = create_embedded_source(source_name,
                                   reference=source_reference,
                                   method=source_method,
                                   tlp=source_tlp,
                                   analyst=user.username,
                                   date=date)
    else:
        return {"success": False,
                "message": "User does not have permission to add object \
                            using source %s." % source_name}
    event.add_source(s)

    valid_campaign_confidence = {
        'low': 'low',
        'medium': 'medium',
        'high': 'high'}
    valid_campaigns = {}
    for c in Campaign.objects(active='on'):
        valid_campaigns[c['name'].lower()] = c['name']

    if campaign:
        if isinstance(campaign, basestring) and len(campaign) > 0:
            if campaign.lower() not in valid_campaigns:
                result = {'success':False, 'message':'{} is not a valid campaign.'.format(campaign)}
            else:
                confidence = valid_campaign_confidence.get(campaign_confidence, 'low')
                campaign = EmbeddedCampaign(name=campaign,
                                                   confidence=confidence,
                                                   description="",
                                                   analyst=user.username,
                                                   date=datetime.datetime.now())
                event.add_campaign(campaign)

    if bucket_list:
        event.add_bucket_list(bucket_list, user.username)

    if ticket:
        event.add_ticket(ticket, user.username)

    related_obj = None
    if related_id:
        related_obj = class_from_id(related_type, related_id)
        if not related_obj:
            retVal['success'] = False
            retVal['message'] = 'Related Object not found.'
            return retVal

    try:
        event.save(username=user.username)

        if related_obj and event and relationship_type:
            relationship_type=RelationshipTypes.inverse(relationship=relationship_type)
            event.add_relationship(related_obj,
                                  relationship_type,
                                  analyst=user.username,
                                  get_rels=False)
            event.save(username=user.username)

        # run event triage
        event.reload()
        run_triage(event, user.username)

        message = ('<div>Success! Click here to view the new event: <a href='
                   '"%s">%s</a></div>' % (reverse('crits-events-views-view_event',
                                                  args=[event.id]),
                                          title))
        result = {'success': True,
                  'message': message,
                  'id': str(event.id),
                  'object': event}

    except ValidationError, e:
        result = {'success': False,
                  'message': e}
开发者ID:armtash,项目名称:crits,代码行数:104,代码来源:handlers.py

示例7: handle_signature_file

# 需要导入模块: from crits.vocabulary.relationships import RelationshipTypes [as 别名]
# 或者: from crits.vocabulary.relationships.RelationshipTypes import inverse [as 别名]

#.........这里部分代码省略.........
        status = {"success": False, "message": "No data object, title, or data type passed in"}
        return status

    if not source_name:
        return {"success": False, "message": "Missing source information."}

    rdt = SignatureType.objects(name=data_type).first()
    if not rdt:
        status = {"success": False, "message": "Invalid data type passed in"}
        return status

    if len(data) <= 0:
        status = {"success": False, "message": "Data length <= 0"}
        return status

    # generate md5 and timestamp
    md5 = hashlib.md5(data).hexdigest()
    timestamp = datetime.datetime.now()

    # generate signature
    signature = Signature()
    signature.created = timestamp
    signature.description = description
    signature.md5 = md5
    signature.data = data
    signature.title = title
    signature.data_type = data_type
    signature.data_type_min_version = data_type_min_version
    signature.data_type_max_version = data_type_max_version

    if data_type_dependency:
        if type(data_type_dependency) == unicode:
            data_type_dependency = data_type_dependency.split(",")

        for item in data_type_dependency:
            if item:
                item = item.strip()
                signature.data_type_dependency.append(str(item))
    else:
        data_type_dependency = []

    # generate new source information and add to sample
    if isinstance(source_name, basestring) and len(source_name) > 0:
        source = create_embedded_source(source_name, date=timestamp, method=method, reference=reference, analyst=user)
        # this will handle adding a new source, or an instance automatically
        signature.add_source(source)
    elif isinstance(source_name, EmbeddedSource):
        signature.add_source(source_name, method=method, reference=reference)
    elif isinstance(source_name, list) and len(source_name) > 0:
        for s in source_name:
            if isinstance(s, EmbeddedSource):
                signature.add_source(s, method=method, reference=reference)

    signature.version = len(Signature.objects(link_id=link_id)) + 1

    if link_id:
        signature.link_id = link_id
        if copy_rels:
            rd2 = Signature.objects(link_id=link_id).first()
            if rd2:
                if len(rd2.relationships):
                    signature.save(username=user)
                    signature.reload()
                    for rel in rd2.relationships:
                        # Get object to relate to.
                        rel_item = class_from_id(rel.rel_type, rel.object_id)
                        if rel_item:
                            signature.add_relationship(
                                rel_item, rel.relationship, rel_date=rel.relationship_date, analyst=user
                            )

    if bucket_list:
        signature.add_bucket_list(bucket_list, user)

    if ticket:
        signature.add_ticket(ticket, user)

    related_obj = None
    if related_id and related_type:
        related_obj = class_from_id(related_type, related_id)
        if not related_obj:
            retVal["success"] = False
            retVal["message"] = "Related Object not found."
            return retVal

    signature.save(username=user)

    if related_obj and signature and relationship_type:
        relationship_type = RelationshipTypes.inverse(relationship=relationship_type)
        signature.add_relationship(related_obj, relationship_type, analyst=user, get_rels=False)
        signature.save(username=user)
        signature.reload()

    # save signature
    signature.save(username=user)
    signature.reload()

    status = {"success": True, "message": "Uploaded signature", "_id": signature.id, "object": signature}

    return status
开发者ID:robertsjw,项目名称:crits,代码行数:104,代码来源:handlers.py

示例8: add_campaign

# 需要导入模块: from crits.vocabulary.relationships import RelationshipTypes [as 别名]
# 或者: from crits.vocabulary.relationships.RelationshipTypes import inverse [as 别名]
def add_campaign(name, description, aliases, analyst,
                 bucket_list=None, ticket=None, related_id=None,
                 related_type=None, relationship_type=None):
    """
    Add a Campaign.

    :param name: The name of the new Campaign.
    :type name: str
    :param description: Description of the new Campaign.
    :type description: str
    :param aliases: Aliases for the new Campaign.
    :type aliases: str (comma separated) or list.
    :param analyst: The user adding the Campaign.
    :type analyst: str
    :param bucket_list: Buckets to add to this Campaign.
    :type bucket_list: str (comma separated) or list.
    :param ticket: Ticket(s) to add to this Campaign.
    :type ticket: str (comma separated) or list.
    :param related_id: ID of object to create relationship with
    :type related_id: str
    :param related_type: Type of object to create relationship with
    :type related_id: str
    :param relationship_type: Type of relationship to create.
    :type relationship_type: str
    :returns: dict with key 'success' (boolean) and 'message' (str).
    """

    # Verify the Campaign does not exist.
    campaign = Campaign.objects(name=name).first()
    if campaign:
        return {'success': False, 'message': ['Campaign already exists.'],
                'id': str(campaign.id)}

    # Create new campaign.
    campaign = Campaign(name=name)
    campaign.edit_description(description)

    if bucket_list:
        campaign.add_bucket_list(bucket_list, analyst)
    if ticket:
        campaign.add_ticket(ticket, analyst)

    # Adjust aliases.
    if isinstance(aliases, basestring):
        alias_list = aliases.split(',')
        final_aliases = [a.strip() for a in alias_list]
    elif isinstance(aliases, list):
        final_aliases = [a.strip() for a in aliases]
    else:
        final_aliases = []
    campaign.add_alias(final_aliases)

    related_obj = None
    if related_id and related_type:
        related_obj = class_from_id(related_type, related_id)
        if not related_obj:
            retVal['success'] = False
            retVal['message'] = 'Related Object not found.'
            return retVal

    campaign.save(username=analyst)

    if related_obj and relationship_type and campaign:
        relationship_type=RelationshipTypes.inverse(relationship=relationship_type)
        campaign.add_relationship(related_obj,
                              relationship_type,
                              analyst=analyst,
                              get_rels=False)
        campaign.save(username=analyst)
        campaign.reload()

    try:
        campaign.save(username=analyst)
        campaign.reload()
        return {'success': True,
                'message': 'Campaign created successfully!',
                'id': str(campaign.id)}
    except ValidationError, e:
        return {'success': False, 'message': "Invalid value: %s" % e}
开发者ID:armtash,项目名称:crits,代码行数:81,代码来源:handlers.py

示例9: add_new_exploit

# 需要导入模块: from crits.vocabulary.relationships import RelationshipTypes [as 别名]
# 或者: from crits.vocabulary.relationships.RelationshipTypes import inverse [as 别名]

#.........这里部分代码省略.........
    :param bucket_list: Buckets to assign to this exploit.
    :type bucket_list: str
    :param ticket: Ticket to assign to this exploit.
    :type ticket: str
    :param related_id: ID of object to create relationship with
    :type related_id: str
    :param related_type: Type of object to create relationship with
    :type related_type: str
    :param relationship_type: Type of relationship to create.
    :type relationship_type: str
    :returns: dict with keys:
              "success" (boolean),
              "message" (str),
              "object" (if successful) :class:`crits.exploits.exploit.Exploit`
    """

    is_item_new = False
    retVal = {}
    exploit = Exploit.objects(name=name).first()

    if not exploit:
        exploit = Exploit()
        exploit.name = name
        if description:
            exploit.description = description.strip()
        is_item_new = True

    username = user.username

    if isinstance(source, basestring):
        if user.check_source_write(source):
            source = [create_embedded_source(source,
                                             reference=source_reference,
                                             method=source_method,
                                             tlp=source_tlp,
                                             analyst=username)]
        else:
            return {"success": False,
                    "message": "User does not have permission to add object \
                                using source %s." % source}

    elif isinstance(source, EmbeddedSource):
        source = [source]

    if isinstance(campaign, basestring):
        c = EmbeddedCampaign(name=campaign, confidence=confidence, analyst=username)
        campaign = [c]

    if campaign:
        for camp in campaign:
            exploit.add_campaign(camp)

    if source:
        for s in source:
            exploit.add_source(s)
    else:
        return {"success" : False, "message" : "Missing source information."}

    exploit.cve = cve.strip()

    if bucket_list:
        exploit.add_bucket_list(bucket_list, user)

    if ticket:
        exploit.add_ticket(ticket, user)

    related_obj = None
    if related_id:
        related_obj = class_from_id(related_type, related_id)
        if not related_obj:
            retVal['success'] = False
            retVal['message'] = 'Related Object not found.'
            return retVal


    exploit.save(username=username)

    if related_obj and exploit and relationship_type:
        relationship_type=RelationshipTypes.inverse(relationship=relationship_type)
        exploit.add_relationship(related_obj,
                               relationship_type,
                               analyst=user,
                               get_rels=False)
        exploit.save(username=username)

    # run exploit triage
    if is_item_new:
        exploit.reload()
        run_triage(exploit, username)

    resp_url = reverse('crits-exploits-views-exploit_detail', args=[exploit.id])

    retVal['message'] = ('Success! Click here to view the new Exploit: '
                         '<a href="%s">%s</a>' % (resp_url, exploit.name))

    retVal['success'] = True
    retVal['object'] = exploit
    retVal['id'] = str(exploit.id)

    return retVal
开发者ID:armtash,项目名称:crits,代码行数:104,代码来源:handlers.py

示例10: handle_cert_file

# 需要导入模块: from crits.vocabulary.relationships import RelationshipTypes [as 别名]
# 或者: from crits.vocabulary.relationships.RelationshipTypes import inverse [as 别名]

#.........这里部分代码省略.........
        status = {
            'success':   False,
            'message':  'No data object passed in'
        }
        return status
    if len(data) <= 0:
        status = {
            'success':   False,
            'message':  'Data length <= 0'
        }
        return status
    if ((related_type and not (related_id or related_md5)) or
        (not related_type and (related_id or related_md5))):
        status = {
            'success':   False,
            'message':  'Must specify both related_type and related_id or related_md5.'
        }
        return status

    related_obj = None
    if related_id or related_md5:
        if related_id:
            related_obj = class_from_id(related_type, related_id)
        else:
            related_obj = class_from_value(related_type, related_md5)
        if not related_obj:
            status = {
                'success': False,
                'message': 'Related object not found.'
            }
            return status

    # generate md5 and timestamp
    md5 = hashlib.md5(data).hexdigest()
    timestamp = datetime.datetime.now()

    # generate Certificate
    cert = Certificate.objects(md5=md5).first()
    if not cert:
        cert = Certificate()
        cert.filename = filename
        cert.created = timestamp
        cert.size = len(data)
        cert.description = description
        cert.md5 = md5

    # generate source information and add to certificate
    if isinstance(source_name, basestring) and len(source_name) > 0:
        s = create_embedded_source(source_name,
                                   method=method,
                                   reference=reference,
                                   analyst=user)
        cert.add_source(s)
    elif isinstance(source_name, EmbeddedSource):
        cert.add_source(source_name, method=method, reference=reference)
    elif isinstance(source_name, list) and len(source_name) > 0:
        for s in source_name:
            if isinstance(s, EmbeddedSource):
                cert.add_source(s, method=method, reference=reference)

    if bucket_list:
        cert.add_bucket_list(bucket_list, user)

    if ticket:
        cert.add_ticket(ticket, user)

    # add file to GridFS
    if not isinstance(cert.filedata.grid_id, ObjectId):
        cert.add_file_data(data)

    # save cert
    cert.save(username=user)
    cert.reload()

    # run certificate triage
    if len(AnalysisResult.objects(object_id=str(cert.id))) < 1 and data:
        run_triage(cert, user)

    # update relationship if a related top-level object is supplied
    if related_obj and cert:
        if relationship_type:
            relationship=RelationshipTypes.inverse(relationship=relationship_type)
        if not relationship:
            relationship = RelationshipTypes.RELATED_TO
            
        cert.add_relationship(related_obj,
                              relationship,
                              analyst=user,
                              get_rels=False)
        cert.save(username=user)

    status = {
        'success':      True,
        'message':      'Uploaded certificate',
        'md5':          md5,
        'id':           str(cert.id),
        'object':       cert
    }

    return status
开发者ID:971sec,项目名称:crits,代码行数:104,代码来源:handlers.py

示例11: add_new_actor

# 需要导入模块: from crits.vocabulary.relationships import RelationshipTypes [as 别名]
# 或者: from crits.vocabulary.relationships.RelationshipTypes import inverse [as 别名]
def add_new_actor(name, aliases=None, description=None, source=None,
                  source_method='', source_reference='', campaign=None,
                  confidence=None, analyst=None, bucket_list=None, ticket=None, 
                  related_id=None, related_type=None, relationship_type=None):
    """
    Add an Actor to CRITs.

    :param name: The name of the Actor.
    :type name: str
    :param aliases: Aliases for the actor.
    :type aliases: list or str
    :param description: Description of the actor.
    :type description: str
    :param source: Name of the source which provided this information.
    :type source: str
    :param source_method: Method of acquiring this data.
    :type source_method: str
    :param source_reference: A reference to this data.
    :type source_reference: str
    :param campaign: A campaign to attribute to this actor.
    :type campaign: str
    :param confidence: Confidence level in the campaign attribution.
    :type confidence: str ("low", "medium", "high")
    :param analyst: The user adding this actor.
    :type analyst: str
    :param bucket_list: Buckets to assign to this actor.
    :type bucket_list: str
    :param ticket: Ticket to assign to this actor.
    :type ticket: str
    :param related_id: ID of object to create relationship with
    :type related_id: str
    :param related_type: Type of object to create relationship with
    :type related_id: str
    :param relationship_type: Type of relationship to create.
    :type relationship_type: str
    :returns: dict with keys:
              "success" (boolean),
              "message" (str),
              "object" (if successful) :class:`crits.actors.actor.Actor`
    """

    is_item_new = False
    retVal = {}
    actor = Actor.objects(name=name).first()

    if not actor:
        actor = Actor()
        actor.name = name
        if description:
            actor.description = description.strip()
        is_item_new = True

    if isinstance(source, basestring):
        source = [create_embedded_source(source,
                                         reference=source_reference,
                                         method=source_method,
                                         analyst=analyst)]

    if isinstance(campaign, basestring):
        c = EmbeddedCampaign(name=campaign, confidence=confidence, analyst=analyst)
        campaign = [c]

    if campaign:
        for camp in campaign:
            actor.add_campaign(camp)

    if source:
        for s in source:
            actor.add_source(s)
    else:
        return {"success" : False, "message" : "Missing source information."}

    if not isinstance(aliases, list):
        aliases = aliases.split(',')
        for alias in aliases:
            alias = alias.strip()
            if alias not in actor.aliases:
                actor.aliases.append(alias)

    if bucket_list:
        actor.add_bucket_list(bucket_list, analyst)

    if ticket:
        actor.add_ticket(ticket, analyst)

    related_obj = None
    if related_id and related_type:
        related_obj = class_from_id(related_type, related_id)
        if not related_obj:
            retVal['success'] = False
            retVal['message'] = 'Related Object not found.'
            return retVal

    actor.save(username=analyst)

    if related_obj and actor:
            relationship_type=RelationshipTypes.inverse(relationship=relationship_type)
            actor.add_relationship(related_obj,
                                  relationship_type,
                                  analyst=analyst,
#.........这里部分代码省略.........
开发者ID:971sec,项目名称:crits,代码行数:103,代码来源:handlers.py

示例12: add_new_event

# 需要导入模块: from crits.vocabulary.relationships import RelationshipTypes [as 别名]
# 或者: from crits.vocabulary.relationships.RelationshipTypes import inverse [as 别名]
def add_new_event(title, description, event_type, source, method, reference,
                  date, analyst, bucket_list=None, ticket=None, related_id=None, 
                  related_type=None, relationship_type=None):
    """
    Add a new Event to CRITs.

    :param title: Event title.
    :type title: str
    :param description: Event description.
    :type description: str
    :param event_type: Event type.
    :type event_type: str
    :param source: The source which provided this information.
    :type source: str
    :param method: THe method of acquiring this information.
    :type method: str
    :param reference: Reference to this data.
    :type reference: str
    :param date: Date of acquiring this data.
    :type date: datetime.datetime
    :param analyst: The user adding this Event.
    :type analyst: str
    :param bucket_list: The bucket(s) to associate with this Event.
    :type: str
    :param ticket: Ticket to associate with this event.
    :type ticket: str
    :param related_id: ID of object to create relationship with
    :type related_id: str
    :param related_type: Type of object to create relationship with
    :type related_type: str
    :param relationship_type: Type of relationship to create.
    :type relationship_type: str
    :returns: dict with keys "success" (boolean) and "message" (str)
    """

    if not source:
        return {'success': False, 'message': "Missing source information."}

    event = Event()
    event.title = title
    event.description = description
    event.set_event_type(event_type)

    s = create_embedded_source(name=source,
                               reference=reference,
                               method=method,
                               analyst=analyst,
                               date=date)
    event.add_source(s)

    if bucket_list:
        event.add_bucket_list(bucket_list, analyst)

    if ticket:
        event.add_ticket(ticket, analyst)

    related_obj = None
    if related_id:
        related_obj = class_from_id(related_type, related_id)
        if not related_obj:
            retVal['success'] = False
            retVal['message'] = 'Related Object not found.'
            return retVal

    try:
        event.save(username=analyst)

        if related_obj and event and relationship_type:
            relationship_type=RelationshipTypes.inverse(relationship=relationship_type)
            event.add_relationship(related_obj,
                                  relationship_type,
                                  analyst=analyst,
                                  get_rels=False)
            event.save(username=analyst)

        # run event triage
        event.reload()
        run_triage(event, analyst)

        message = ('<div>Success! Click here to view the new event: <a href='
                   '"%s">%s</a></div>' % (reverse('crits.events.views.view_event',
                                                  args=[event.id]),
                                          title))
        result = {'success': True,
                  'message': message,
                  'id': str(event.id),
                  'object': event}

    except ValidationError, e:
        result = {'success': False,
                  'message': e}
开发者ID:ckane,项目名称:crits,代码行数:93,代码来源:handlers.py

示例13: add_new_backdoor

# 需要导入模块: from crits.vocabulary.relationships import RelationshipTypes [as 别名]
# 或者: from crits.vocabulary.relationships.RelationshipTypes import inverse [as 别名]

#.........这里部分代码省略.........
    # object.
    objs = []

    # First check if we have the family (name and no version).
    family = Backdoor.objects(name=name, version='').first()

    if not family:
        # Family does not exist, new object. Details are handled later.
        family = Backdoor()
        family.name = name
        family.version = ''

    objs.append(family)

    # Now check if we have the specific instance for this name + version.
    backdoor = None
    if version:
        backdoor = Backdoor.objects(name=name, version=version).first()
        if not backdoor:
            # Backdoor does not exist, new object. Details are handled later.
            backdoor = Backdoor()
            backdoor.name = name
            backdoor.version = version
        objs.append(backdoor)

    # At this point we have a family object and potentially a specific object.
    # Add the common parameters to all objects in the list and save them.
    for backdoor in objs:
        for s in source:
            backdoor.add_source(s)

        # Don't overwrite existing description.
        if description and backdoor.description == '':
            backdoor.description = description.strip()

        if isinstance(campaign, basestring):
            c = EmbeddedCampaign(name=campaign,
                                 confidence=confidence,
                                 analyst=user)
            campaign = [c]

        if campaign:
            for camp in campaign:
                backdoor.add_campaign(camp)

        if aliases:
            if isinstance(aliases, basestring):
                aliases = aliases.split(',')
            for alias in aliases:
                alias = alias.strip()
                if alias not in backdoor.aliases:
                    backdoor.aliases.append(alias)

        if bucket_list:
            backdoor.add_bucket_list(bucket_list, user)

        if ticket:
            backdoor.add_ticket(ticket, user)

        backdoor.save(username=user)

        # run backdoor triage
        backdoor.reload()
        run_triage(backdoor, user)

        # Because family objects are put in the list first we will always
        # return a link to the most specific object created. If there is only
        # one item in the list it will be the family object.
        resp_url = reverse('crits.backdoors.views.backdoor_detail',
                           args=[backdoor.id])
        retVal['message'] = 'Success: <a href="%s">%s</a>' % (resp_url,
                                                              backdoor.name)
        retVal['object'] = backdoor
        retVal['id'] = str(backdoor.id)

    # Only relate to the most specific object created. 
    related_obj = None
    if related_id and related_type:
        related_obj = class_from_id(related_type, related_id)
        if not related_obj:
            retVal['success'] = False
            retVal['message'] = 'Related Object not found.'
            return retVal

    if related_obj and relationship_type and backdoor:
        relationship_type=RelationshipTypes.inverse(relationship=relationship_type)
        backdoor.add_relationship(related_obj,
                                  relationship_type,
                                  analyst=user,
                                  get_rels=False)
        backdoor.save(username=user)
        backdoor.reload()
            
    # If we have a family and specific object, attempt to relate the two.
    if len(objs) == 2:
        objs[0].add_relationship(objs[1], RelationshipTypes.RELATED_TO)
        objs[0].save()

    retVal['success'] = True
    return retVal
开发者ID:971sec,项目名称:crits,代码行数:104,代码来源:handlers.py


注:本文中的crits.vocabulary.relationships.RelationshipTypes.inverse方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。